159-CVE January Patch Tuesday smashes single-month record

Cyber threat intelligence can inform decisions but is a complex issue. Where it is complete and accurate it is a huge boon. The post Cyber Insights 2025: Cyber Threat Intelligence appeared first on SecurityWeek.

Lydia Blackstone reports: A 20-year-old Best Buy employee is jailed in Savannah after police said he helped a group of suspected shoplifters walk out of the store with more than $40,000 in merchandise, claiming he was pressured by online blackmail threats. Dorian Allen is charged with theft by taking, according to a Savannah Police Department……

Tim Toole reports: A ransomware attack on Business Systems House (BSH), a Middle Eastern partner of payroll provider ADP, led to Broadcom employee data theft in September 2024. Data was leaked online in December, but Broadcom wasn’t informed until May 2025. The El Dorado ransomware group claimed responsibility for the breach, which occurred as Broadcom…

Alex Stevensson reports: Thousands of devices owned by the Luxembourg public sector found to be infected with malware at the end of February have since been updated and secured, digitalisation minister Stéphanie Obertin has said. The security breach was confirmed on 27 February but details were scant at the time, with LSAP deputy Ben Polidori……

The North Korean threat actors behind the Contagious Interview campaign, also tracked as WaterPlum, have been attributed to a malware family tracked as StoatWaffle that’s distributed via malicious Microsoft Visual Studio Code (VS Code) projects. The use of VS Code “tasks.json” to distribute malware is a relatively new tactic adopted by the threat actor since…

On June 12, 2025, Qilin added ApolloMD to their darkweb leak site with a date of June 6. They claimed to have 238 GB of files. ApolloMD, headquartered in Georgia, is a business associate to hospitals and health systems, providing them with services to enhance clinical operations and patient care, and to optimize financial performance…….